Utilizing Dynamic Analysis for Web Application Penetration Testing
| but.event.date | 23.04.2024 | cs |
| but.event.title | STUDENT EEICT 2024 | cs |
| dc.contributor.author | Píš, Patrik | |
| dc.contributor.author | Lazarov, Willi | |
| dc.date.accessioned | 2024-07-09T07:47:48Z | |
| dc.date.available | 2024-07-09T07:47:48Z | |
| dc.date.issued | 2024 | cs |
| dc.description.abstract | This paper presents the design and implementation of a new modular tool, called PtWebDA, for dynamic analysis of web applications as one of the techniques used in penetration testing. Compared to other available tools and their limitations, our solution enables efficient rate limiting while also allowing testing of HTTP headers, cookie attributes, and content security policy directives. To verify its effectiveness in supporting manual web application penetration testing, we performed experimental testing in a controlled environment. The results of testing the presented tool PtWebDA are discussed in detail and highlight the key contributions of our solution. | en |
| dc.format | text | cs |
| dc.format.extent | 92-95 | cs |
| dc.format.mimetype | application/pdf | en |
| dc.identifier.citation | Proceedings II of the 30st Conference STUDENT EEICT 2024: Selected papers. s. 92-95. ISBN 978-80-214-6230-4 | cs |
| dc.identifier.doi | 10.13164/eeict.2024.92 | |
| dc.identifier.isbn | 978-80-214-6230-4 | |
| dc.identifier.issn | 2788-1334 | |
| dc.identifier.uri | https://hdl.handle.net/11012/249290 | |
| dc.language.iso | en | cs |
| dc.publisher | Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních technologií | cs |
| dc.relation.ispartof | Proceedings II of the 30st Conference STUDENT EEICT 2024: Selected papers | en |
| dc.relation.uri | https://www.eeict.cz/eeict_download/archiv/sborniky/EEICT_2024_sbornik_2.pdf | cs |
| dc.rights | © Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních technologií | cs |
| dc.rights.access | openAccess | en |
| dc.subject | cybersecurity | en |
| dc.subject | dynamic analysis | en |
| dc.subject | penetration testing | en |
| dc.subject | rate limiting | en |
| dc.subject | cookies | en |
| dc.subject | CSP directives | en |
| dc.subject | HTTP headers | en |
| dc.title | Utilizing Dynamic Analysis for Web Application Penetration Testing | en |
| dc.type.driver | conferenceObject | en |
| dc.type.status | Peer-reviewed | en |
| dc.type.version | publishedVersion | en |
| eprints.affiliatedInstitution.department | Fakulta elektrotechniky a komunikačních technologií | cs |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 92-eeict-2024-II.pdf
- Size:
- 583 KB
- Format:
- Adobe Portable Document Format
- Description: